.png){kind=logo}
DOD CYBER AWARENESS CHALLENGE
KNOWLEDGE CHECK 2023 FLASHCARDS
EXAM PREPARATION GUIDE | 50 ITEMS
Q:How should you respond to the theft of your identity?
THE ANSWER IS NOT notify your security POC."to respond to identity theft if it occurs: contact credit reporting agencies, contact financial institutions to cancel accounts, monitor credit card statements for unauthorized purchases, report the crime to local law enforcement"
Q:Which of the following is true of the CAC or PIV card
You should remove and take your CAC/PIV when you leave your station.
Q:Which of the following is true of transmitting SCI?
You may only transport SCI if you have been courier briefed for SCI
Q:Which of the following describes good physical security
Lionel stops an individual in his secure area who's not wearing a badge
Q:Inquiry from a reporter...?
Refer to public affairs
Q:Which of the following is NOT a permitted way to connect a personally-owned
monitor to your GFE?
USB
Q:Which is a best practice for protecting CUI?
Store in locked drawer after working hours
Q:Which of the following is a good practice to protect classified information?
Don't assume open storage is authorized
Q:A compromise of SCI occurs when a person who doesn't have required clearance
or access caveats comes into possession of SCI in any manner
Q:A vendor conducting a pilot program... how should you respond?
Refer the vendor to the appropriate personnel
Q:What security risk does a public Wi-Fi connection pose?
It may expose the information sent to theft
Q:Which of the following is true of internet hoaxes?
They can be part of a DDoS attack.
Q:What level of damage... Top Secret be expected to cause?
Exceptionally grave
Q:Which of the following is NOT a risk associated with NFC?
Additional data charges
Q:How should you secure your home wireless network for teleworking?
Implement Wi-Fi Protected Access 2 (WPA2) Personal encryption at a minimum
Q:What type of social engineering targets senior officials?
Whaling Q:Which of the following is a security best practice when using social networking sites?Avoiding posting your mother's maiden name
Q:What function do Insider Threat Programs aim to fulfill?
Proactively identify potential threats and formulate yadayadayada
Q:Which of the following is true of PHI?
It is created of received by a healthcare provider, health plan, or employer
Q:Which of the following is an example of two-factor authentication?
CAC and PIN Q:Which of the following is a concern when using your Government issued laptop in public?The physical security of the device
Q:What action should you take with a compressed URL on a website known to you?
Search for instructions on how to preview where the link actually leads
Q:What designation includes PII and PHI?
CUI
Q:Which of the following statements is true?
Adversaries exploit social networking sites to disseminate fake news.
Q:Which of the following is NOT PII?
High school attended
Q:Which of the following statements is true?
Many apps and smart devices collect and share your personal information and contribute.....
Q:How can you protect data on your mobile computing and portable electronic
devices (PEDs) Enable automatic screen locking after a period of inactivity
Q:Which of the following is a good practice for telework?
Position your monitor so it is not facing others
Q:Which of the following is true of using a DoD PKI token?
It should only be in a system when actively using it for a PKI-required task.
Q:Which of the following is a best practice for using removable media?
Avoid inserting removable media with unknown content into your computer
Q:Which of the following statements is true of cookies?
You should confirm that a site that wants to store a cookie uses an encrypted link
Q:Which Cyber Protection Condition establishes protection priority focus on
critical functions only?
CPCON 1
Q:A trusted friend in your social network posts vaccine information on a website unknown to you. What action should you take?some of yall mfs need to read this twice- RESEARCH THE SOURCE TO EVALUATE ITS
CREDIBILITY AND RELIABILITY
Q:Which of the following is a reportable insider threat activity?
Attempting to access sensitive information without need to know
Q:Which scenario might indicate a reportable insider threat?
A colleague removes sensitive information without seeking authorization
Q:Which of the following is true?
Digitally signed emails are more secure.
.png)